digital camera and devd
Michal
ml at infosec.pl
Thu Aug 20 22:28:11 UTC 2009
Roland Smith wrote:
>
> I'm not exactly sure what you are trying to achieve here. But here is my
> €0,02:
>
> Create a group called 'usb'. Make every user that you want to be able to use
> usb devices a member of this group. Next, add the following rules to your
> active ruleset in /etc/devfs.rules:
>
> add path 'da*' mode 0660 group usb
> add path 'msdosfs/*' mode 0660 group usb
> add path 'uscanner*' mode 0660 group usb
> add path 'usb*' mode 0660 group usb
> add path 'ugen*' mode 0660 group usb
>
And that is pretty much what I'm doing with two differences:
1. I'm using user name instead of designated group.
2. Following principle of least privilege I don't want to give him
(which just happens to be myself) rights to anything other than my
digital camera. Only this specific camera should trigger changes in
ownership/rights of camera-related device nodes.
I know it looks a bit anal at first glance but it is not ;)
Michal
--
"Let him who desires peace prepare for war." -Flavius Vegetius Renatus
More information about the freebsd-questions
mailing list